ICO Information Security Framework™ (IISF)

Overview

As your company prepares for an ICO (Initial Coin Offering) or token sale, it is extremely important that information security and compliance is considered throughout the entire process. While you may not yet have customers, or operate in a regulated industry (e.g. Healthcare), information security surrounding your business processes, intellectual properly, and data couldn't be any more important. We've all heard stories of companies losing millions (USD) in cryptocurrencies because their site or systems were compromised during a crypto sale. Regardless of if you're pre-ICO, or you're looking for additional ways to gain trust with investor or token buyers, it's imperative that you prioritize your information security and compliance efforts.

ICO Security and Compliance

We're excited about the prospects of cryptocurrencies and the numerous problems the blockchain can solve. It often feels like the "wild west." While the Healthcare industry has HIPAA, SaaS companies gravitate toward SOC 2, credit card processing has PCI, innovative companies using the blockchain, AI, datas science, and other emerging technologies have no guiding framework for security and compliance. To remedy this, we have developed the IISF, the ISO Information Security Framework.

About the IISF

The ISO Information Security Framework™ has been developed with the core purpose of enabling companies that are planning an ICO or token sale to build a strong foundation of information security and compliance. This is important to increase investor and customer confidence and improve the maturity of the business processes under control by the company. The IISF can serve as a due diligence function for those wishing to buy tokens.

The IISF enables pre-ICO companies to establish organization wide controls, information security and cloud best practices, and appropriate levels of change management control. Practical Assurance steps pre-ICO companies through the tasks required to secure you systems, on-going compliance monitoring, and the ability to report security/compliance status to investors and customers.